Okta
This guide shows how to set-up Okta identity provider with Aidbox
Please make sure you use Aidbox v:2107
stable or later Aidbox versionIf you do not have an Okta account, create it to get your authorization server. Find your okta domain. You can do it in Security > API
Go to Application > Application in Okta and create a new one.
- Check Authorization Code Grant Type
- Set Sign-in url to <box-url>/auth/callback/<identity-provider-id>
Checkout Client ID and Client secret
Using REST Console create an IdentityProvider config. Replace <okta-domain> with your okta domain.
client.redirect_urishould be <box-url>/auth/callback/<identity-provider-fdid>- set
client.client_idandclient.client_secretto Okta's credentials - replace <box-url> with your box url (like http://localhost:8080)
- set scopes to
['profile', 'openid']
PUT /IdentityProvider/okta?_format=yaml&_pretty=true
content-type: text/yaml
type: okta
title: MyOkta # this element present only in 202106 version
active: true
system: 'okta'
scopes:
- profile
- openid
userinfo_endpoint: '<okta-domain>/oauth2/v1//userinfo'
authorize_endpoint: '<okta-domain>/oauth2/v1/authorize'
client:
id: <client-id>
secret: <client-secret>
redirect_uri: '<box-url>/auth/callback/okta'
token_endpoint: '<okta-domain>/oauth2/v1/token'
Go to your Aidbox base URL, you will be redirected to the login page - you should see "Log in with <provider.title or .type>" button**.** Press this button and log in with Okta user into aidbox.
This user will be logged into Aidbox Console, but without any permissions. Read more in Access Control Section about permissions.
Last modified 18d ago